package com.ktjiaoyu.crm.config.shiro;

import com.ktjiaoyu.crm.config.shiro.realm.AuthorizingRealm;
import com.ktjiaoyu.crm.entity.User;
import com.ktjiaoyu.crm.service.IUserService;
import sun.net.www.protocol.http.AuthenticationInfo;

import javax.annotation.Resource;

/**
 * @Author：南小楠
 */
public class MyShiroRealm extends AuthorizingRealm {
    @Resource
    private IUserService userService;
    @Override
    protected <AuthenticationToken> AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        System.out.println("调用MyShiroRealm.doGetAuthenticationInfo获取身份信息！");
        //获得身份信息
         UsernamePasswordToken token = (UsernamePasswordToken) authenticationToken;
         String usrName = token.getUsername();
         User user = userService.getUserByUsrName(usrName);
         if(user==null){
         throw new UnknownAccountException(); //账号错误
         }
         if(user.getUsrFlag()==null || user.getUsrFlag().intValue()==0){
         throw new LockedAccountException(); //账号锁定
         }
         SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(
         user,//身份(根据用户名查询数据库获得的用户)
         user.getUsrPassword(),//凭证(查询数据库获得的密码)
         getName()//Realm对象的名称
         );
    }
        // 返回身份信息
     return info;
     }
     @Override
     protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
         System.out.println("调用MyShiroRealm.doGetAuthorizationInfo获取权限信息！");
         //获得权限信息
         User user = (User) principalCollection.getPrimaryPrincipal();
         SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
         // 暂不授予权限信息，下章再学习授权
         return info;
         }
          }
}
